Jump to content

Recommended Posts

Hi... Is a new and very recent malware, here I leave you more information:

DoubleAgent: Zero-Day Code Injection and Persistence Technique


this part:

Microsoft has provided a new design concept for antivirus vendors called Protected Processes. The new concept is specially designed for antivirus services. Antivirus processes can be created as “Protected Processes” and the protected process infrastructure only allows trusted, signed code to load and has built-in defense against code injection attacks. This means that even if an attacker found a new Zero-Day technique for injecting code, it could not be used against the antivirus as its code is not signed. Currently no antivirus (except Windows Defender) has implemented this design. Even though Microsoft made this design available more than 3 years ago.
It’s important to note, that even when the antivirus vendors would block the registration attempts, the code injection technique and the persistency technique would live forever since it’s legitimate part of the OS.

but in your case, i think you should reinstall win...:unsure:

Link to post
Share on other sites

Sorry my bad, it was in CU3, not CU4.



Additionally, both this update and our previous 3.0.6 upgrade addressed a number of vulnerabilities reported to us by various security researchers.  Malwarebytes would like to thank John Page (hyp3rlinx) at ApparitionSec, Florian Bogner, Michael Engstler at Cybellum and Fortinet for their reports.


Link to post
Share on other sites

  • 1 month later...
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.